Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/firefox@50.1.0-1
Typealpm
Namespacearchlinux
Namefirefox
Version50.1.0-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version52.0-1
Latest_non_vulnerable_version101.0-1
Affected_by_vulnerabilities
0
url VCID-4z19-eyh7-9yf4
vulnerability_id VCID-4z19-eyh7-9yf4
summary The existence of a specifically requested local file can be found due to the double firing of the onerror when the source attribute on a <track> tag refers to a file that does not exist if the source page is loaded locally.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5387
reference_id
reference_type
scores
0
value 0.00126
scoring_system epss
scoring_elements 0.31882
published_at 2026-04-21T12:55:00Z
1
value 0.00126
scoring_system epss
scoring_elements 0.31895
published_at 2026-04-01T12:55:00Z
2
value 0.00126
scoring_system epss
scoring_elements 0.31971
published_at 2026-04-11T12:55:00Z
3
value 0.00126
scoring_system epss
scoring_elements 0.31931
published_at 2026-04-16T12:55:00Z
4
value 0.00126
scoring_system epss
scoring_elements 0.31897
published_at 2026-04-13T12:55:00Z
5
value 0.00126
scoring_system epss
scoring_elements 0.3191
published_at 2026-04-18T12:55:00Z
6
value 0.00126
scoring_system epss
scoring_elements 0.32022
published_at 2026-04-02T12:55:00Z
7
value 0.00126
scoring_system epss
scoring_elements 0.32063
published_at 2026-04-04T12:55:00Z
8
value 0.00126
scoring_system epss
scoring_elements 0.31886
published_at 2026-04-07T12:55:00Z
9
value 0.00126
scoring_system epss
scoring_elements 0.31938
published_at 2026-04-08T12:55:00Z
10
value 0.00126
scoring_system epss
scoring_elements 0.31967
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5387
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1295023
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1295023
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
6
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5387
reference_id CVE-2017-5387
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:P/A:N
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5387
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
10
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5387
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4z19-eyh7-9yf4
1
url VCID-5n3q-eby7-67de
vulnerability_id VCID-5n3q-eby7-67de
summary 
Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0190.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0190.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0238.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0238.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5373.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5373.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5373
reference_id
reference_type
scores
0
value 0.01799
scoring_system epss
scoring_elements 0.82822
published_at 2026-04-21T12:55:00Z
1
value 0.01799
scoring_system epss
scoring_elements 0.82744
published_at 2026-04-04T12:55:00Z
2
value 0.01799
scoring_system epss
scoring_elements 0.82741
published_at 2026-04-07T12:55:00Z
3
value 0.01799
scoring_system epss
scoring_elements 0.82767
published_at 2026-04-08T12:55:00Z
4
value 0.01799
scoring_system epss
scoring_elements 0.82774
published_at 2026-04-09T12:55:00Z
5
value 0.01799
scoring_system epss
scoring_elements 0.8279
published_at 2026-04-11T12:55:00Z
6
value 0.01799
scoring_system epss
scoring_elements 0.82785
published_at 2026-04-12T12:55:00Z
7
value 0.01799
scoring_system epss
scoring_elements 0.82781
published_at 2026-04-13T12:55:00Z
8
value 0.01799
scoring_system epss
scoring_elements 0.82819
published_at 2026-04-18T12:55:00Z
9
value 0.01799
scoring_system epss
scoring_elements 0.82714
published_at 2026-04-01T12:55:00Z
10
value 0.01799
scoring_system epss
scoring_elements 0.8273
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5373
4
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1322315%2C1328834%2C1322420%2C1285833%2C1285960%2C1328251%2C1331058%2C1325938%2C1325877
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1322315%2C1328834%2C1322420%2C1285833%2C1285960%2C1328251%2C1331058%2C1325938%2C1325877
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
23
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
24
reference_url https://www.debian.org/security/2017/dsa-3771
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3771
25
reference_url https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3832
26
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
27
reference_url https://www.mozilla.org/security/advisories/mfsa2017-02/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-02/
28
reference_url https://www.mozilla.org/security/advisories/mfsa2017-03/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-03/
29
reference_url http://www.securityfocus.com/bid/95762
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95762
30
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1415924
reference_id 1415924
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1415924
32
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
33
reference_url https://security.archlinux.org/ASA-201701-40
reference_id ASA-201701-40
reference_type
scores
url https://security.archlinux.org/ASA-201701-40
34
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
35
reference_url https://security.archlinux.org/AVG-158
reference_id AVG-158
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-158
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5373
reference_id CVE-2017-5373
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5373
49
reference_url https://security.gentoo.org/glsa/201702-13
reference_id GLSA-201702-13
reference_type
scores
url https://security.gentoo.org/glsa/201702-13
50
reference_url https://security.gentoo.org/glsa/201702-22
reference_id GLSA-201702-22
reference_type
scores
url https://security.gentoo.org/glsa/201702-22
51
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
52
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
reference_id mfsa2017-02
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
53
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
reference_id mfsa2017-03
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
54
reference_url https://access.redhat.com/errata/RHSA-2017:0190
reference_id RHSA-2017:0190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0190
55
reference_url https://access.redhat.com/errata/RHSA-2017:0238
reference_id RHSA-2017:0238
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0238
56
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
57
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5373
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5n3q-eby7-67de
2
url VCID-84kk-wfxx-t3c8
vulnerability_id VCID-84kk-wfxx-t3c8
summary 
Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0190.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0190.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0238.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0238.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5380.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5380.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5380
reference_id
reference_type
scores
0
value 0.01799
scoring_system epss
scoring_elements 0.82822
published_at 2026-04-21T12:55:00Z
1
value 0.01799
scoring_system epss
scoring_elements 0.82744
published_at 2026-04-04T12:55:00Z
2
value 0.01799
scoring_system epss
scoring_elements 0.82741
published_at 2026-04-07T12:55:00Z
3
value 0.01799
scoring_system epss
scoring_elements 0.82767
published_at 2026-04-08T12:55:00Z
4
value 0.01799
scoring_system epss
scoring_elements 0.82774
published_at 2026-04-09T12:55:00Z
5
value 0.01799
scoring_system epss
scoring_elements 0.8279
published_at 2026-04-11T12:55:00Z
6
value 0.01799
scoring_system epss
scoring_elements 0.82785
published_at 2026-04-12T12:55:00Z
7
value 0.01799
scoring_system epss
scoring_elements 0.82781
published_at 2026-04-13T12:55:00Z
8
value 0.01799
scoring_system epss
scoring_elements 0.82819
published_at 2026-04-18T12:55:00Z
9
value 0.01799
scoring_system epss
scoring_elements 0.82714
published_at 2026-04-01T12:55:00Z
10
value 0.01799
scoring_system epss
scoring_elements 0.8273
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5380
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1322107
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1322107
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
23
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
24
reference_url https://www.debian.org/security/2017/dsa-3771
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3771
25
reference_url https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3832
26
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
27
reference_url https://www.mozilla.org/security/advisories/mfsa2017-02/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-02/
28
reference_url https://www.mozilla.org/security/advisories/mfsa2017-03/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-03/
29
reference_url http://www.securityfocus.com/bid/95769
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95769
30
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1416274
reference_id 1416274
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1416274
32
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
33
reference_url https://security.archlinux.org/ASA-201701-40
reference_id ASA-201701-40
reference_type
scores
url https://security.archlinux.org/ASA-201701-40
34
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
35
reference_url https://security.archlinux.org/AVG-158
reference_id AVG-158
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-158
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5380
reference_id CVE-2017-5380
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5380
57
reference_url https://security.gentoo.org/glsa/201702-13
reference_id GLSA-201702-13
reference_type
scores
url https://security.gentoo.org/glsa/201702-13
58
reference_url https://security.gentoo.org/glsa/201702-22
reference_id GLSA-201702-22
reference_type
scores
url https://security.gentoo.org/glsa/201702-22
59
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
60
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
reference_id mfsa2017-02
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
61
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
reference_id mfsa2017-03
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
62
reference_url https://access.redhat.com/errata/RHSA-2017:0190
reference_id RHSA-2017:0190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0190
63
reference_url https://access.redhat.com/errata/RHSA-2017:0238
reference_id RHSA-2017:0238
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0238
64
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
65
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5380
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-84kk-wfxx-t3c8
3
url VCID-af6b-4jqc-fugx
vulnerability_id VCID-af6b-4jqc-fugx
summary The mozAddonManager allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions from the CDN in combination with an XSS attack on Mozilla AMO sites.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5393
reference_id
reference_type
scores
0
value 0.00466
scoring_system epss
scoring_elements 0.6444
published_at 2026-04-21T12:55:00Z
1
value 0.00466
scoring_system epss
scoring_elements 0.64322
published_at 2026-04-01T12:55:00Z
2
value 0.00466
scoring_system epss
scoring_elements 0.64442
published_at 2026-04-11T12:55:00Z
3
value 0.00466
scoring_system epss
scoring_elements 0.64401
published_at 2026-04-13T12:55:00Z
4
value 0.00466
scoring_system epss
scoring_elements 0.64435
published_at 2026-04-16T12:55:00Z
5
value 0.00466
scoring_system epss
scoring_elements 0.64447
published_at 2026-04-18T12:55:00Z
6
value 0.00466
scoring_system epss
scoring_elements 0.64376
published_at 2026-04-02T12:55:00Z
7
value 0.00466
scoring_system epss
scoring_elements 0.64405
published_at 2026-04-04T12:55:00Z
8
value 0.00466
scoring_system epss
scoring_elements 0.64366
published_at 2026-04-07T12:55:00Z
9
value 0.00466
scoring_system epss
scoring_elements 0.64414
published_at 2026-04-08T12:55:00Z
10
value 0.00466
scoring_system epss
scoring_elements 0.64429
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5393
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1309282
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1309282
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
6
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5393
reference_id CVE-2017-5393
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5393
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
10
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5393
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-af6b-4jqc-fugx
4
url VCID-ahzr-nr7g-5ue2
vulnerability_id VCID-ahzr-nr7g-5ue2
summary A STUN server in conjunction with a large number of webkitRTCPeerConnection objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5388
reference_id
reference_type
scores
0
value 0.0128
scoring_system epss
scoring_elements 0.79607
published_at 2026-04-21T12:55:00Z
1
value 0.0128
scoring_system epss
scoring_elements 0.79526
published_at 2026-04-01T12:55:00Z
2
value 0.0128
scoring_system epss
scoring_elements 0.79583
published_at 2026-04-12T12:55:00Z
3
value 0.0128
scoring_system epss
scoring_elements 0.79575
published_at 2026-04-13T12:55:00Z
4
value 0.0128
scoring_system epss
scoring_elements 0.79605
published_at 2026-04-16T12:55:00Z
5
value 0.0128
scoring_system epss
scoring_elements 0.79604
published_at 2026-04-18T12:55:00Z
6
value 0.0128
scoring_system epss
scoring_elements 0.79532
published_at 2026-04-02T12:55:00Z
7
value 0.0128
scoring_system epss
scoring_elements 0.79555
published_at 2026-04-04T12:55:00Z
8
value 0.0128
scoring_system epss
scoring_elements 0.79542
published_at 2026-04-07T12:55:00Z
9
value 0.0128
scoring_system epss
scoring_elements 0.7957
published_at 2026-04-08T12:55:00Z
10
value 0.0128
scoring_system epss
scoring_elements 0.79578
published_at 2026-04-09T12:55:00Z
11
value 0.0128
scoring_system epss
scoring_elements 0.79599
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5388
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1281482
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1281482
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
6
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5388
reference_id CVE-2017-5388
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5388
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
10
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5388
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ahzr-nr7g-5ue2
5
url VCID-bjyq-1zfk-eugq
vulnerability_id VCID-bjyq-1zfk-eugq
summary 
Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0190.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0190.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0238.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0238.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5383
reference_id
reference_type
scores
0
value 0.02444
scoring_system epss
scoring_elements 0.85207
published_at 2026-04-21T12:55:00Z
1
value 0.02444
scoring_system epss
scoring_elements 0.85146
published_at 2026-04-07T12:55:00Z
2
value 0.02444
scoring_system epss
scoring_elements 0.85168
published_at 2026-04-08T12:55:00Z
3
value 0.02444
scoring_system epss
scoring_elements 0.85176
published_at 2026-04-09T12:55:00Z
4
value 0.02444
scoring_system epss
scoring_elements 0.8519
published_at 2026-04-11T12:55:00Z
5
value 0.02444
scoring_system epss
scoring_elements 0.85188
published_at 2026-04-12T12:55:00Z
6
value 0.02444
scoring_system epss
scoring_elements 0.85185
published_at 2026-04-13T12:55:00Z
7
value 0.02444
scoring_system epss
scoring_elements 0.85206
published_at 2026-04-16T12:55:00Z
8
value 0.02444
scoring_system epss
scoring_elements 0.85208
published_at 2026-04-18T12:55:00Z
9
value 0.02444
scoring_system epss
scoring_elements 0.85113
published_at 2026-04-01T12:55:00Z
10
value 0.02444
scoring_system epss
scoring_elements 0.85126
published_at 2026-04-02T12:55:00Z
11
value 0.02444
scoring_system epss
scoring_elements 0.85143
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5383
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1323338
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1323338
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1324716
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1324716
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
24
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
25
reference_url https://www.debian.org/security/2017/dsa-3771
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3771
26
reference_url https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3832
27
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
28
reference_url https://www.mozilla.org/security/advisories/mfsa2017-02/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-02/
29
reference_url https://www.mozilla.org/security/advisories/mfsa2017-03/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-03/
30
reference_url http://www.securityfocus.com/bid/95769
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95769
31
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1416281
reference_id 1416281
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1416281
33
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
34
reference_url https://security.archlinux.org/ASA-201701-40
reference_id ASA-201701-40
reference_type
scores
url https://security.archlinux.org/ASA-201701-40
35
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
36
reference_url https://security.archlinux.org/AVG-158
reference_id AVG-158
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-158
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5383
reference_id CVE-2017-5383
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5383
58
reference_url https://security.gentoo.org/glsa/201702-13
reference_id GLSA-201702-13
reference_type
scores
url https://security.gentoo.org/glsa/201702-13
59
reference_url https://security.gentoo.org/glsa/201702-22
reference_id GLSA-201702-22
reference_type
scores
url https://security.gentoo.org/glsa/201702-22
60
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
61
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
reference_id mfsa2017-02
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
62
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
reference_id mfsa2017-03
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
63
reference_url https://access.redhat.com/errata/RHSA-2017:0190
reference_id RHSA-2017:0190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0190
64
reference_url https://access.redhat.com/errata/RHSA-2017:0238
reference_id RHSA-2017:0238
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0238
65
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
66
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5383
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bjyq-1zfk-eugq
6
url VCID-c8p3-ef58-wudt
vulnerability_id VCID-c8p3-ef58-wudt
summary 
Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0190.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0190.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0238.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0238.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5376
reference_id
reference_type
scores
0
value 0.01799
scoring_system epss
scoring_elements 0.82822
published_at 2026-04-21T12:55:00Z
1
value 0.01799
scoring_system epss
scoring_elements 0.82744
published_at 2026-04-04T12:55:00Z
2
value 0.01799
scoring_system epss
scoring_elements 0.82741
published_at 2026-04-07T12:55:00Z
3
value 0.01799
scoring_system epss
scoring_elements 0.82767
published_at 2026-04-08T12:55:00Z
4
value 0.01799
scoring_system epss
scoring_elements 0.82774
published_at 2026-04-09T12:55:00Z
5
value 0.01799
scoring_system epss
scoring_elements 0.8279
published_at 2026-04-11T12:55:00Z
6
value 0.01799
scoring_system epss
scoring_elements 0.82785
published_at 2026-04-12T12:55:00Z
7
value 0.01799
scoring_system epss
scoring_elements 0.82781
published_at 2026-04-13T12:55:00Z
8
value 0.01799
scoring_system epss
scoring_elements 0.82819
published_at 2026-04-18T12:55:00Z
9
value 0.01799
scoring_system epss
scoring_elements 0.82714
published_at 2026-04-01T12:55:00Z
10
value 0.01799
scoring_system epss
scoring_elements 0.8273
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5376
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1311687
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1311687
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
23
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
24
reference_url https://www.debian.org/security/2017/dsa-3771
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3771
25
reference_url https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3832
26
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
27
reference_url https://www.mozilla.org/security/advisories/mfsa2017-02/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-02/
28
reference_url https://www.mozilla.org/security/advisories/mfsa2017-03/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-03/
29
reference_url http://www.securityfocus.com/bid/95758
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95758
30
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1416272
reference_id 1416272
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1416272
32
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
33
reference_url https://security.archlinux.org/ASA-201701-40
reference_id ASA-201701-40
reference_type
scores
url https://security.archlinux.org/ASA-201701-40
34
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
35
reference_url https://security.archlinux.org/AVG-158
reference_id AVG-158
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-158
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5376
reference_id CVE-2017-5376
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5376
57
reference_url https://security.gentoo.org/glsa/201702-13
reference_id GLSA-201702-13
reference_type
scores
url https://security.gentoo.org/glsa/201702-13
58
reference_url https://security.gentoo.org/glsa/201702-22
reference_id GLSA-201702-22
reference_type
scores
url https://security.gentoo.org/glsa/201702-22
59
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
60
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
reference_id mfsa2017-02
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
61
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
reference_id mfsa2017-03
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
62
reference_url https://access.redhat.com/errata/RHSA-2017:0190
reference_id RHSA-2017:0190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0190
63
reference_url https://access.redhat.com/errata/RHSA-2017:0238
reference_id RHSA-2017:0238
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0238
64
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
65
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5376
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c8p3-ef58-wudt
7
url VCID-dv2d-9a59-xkaq
vulnerability_id VCID-dv2d-9a59-xkaq
summary Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed to be non-malicious, but if a user has enabled Web Proxy Auto Detect (WPAD) this file can be served remotely.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5384
reference_id
reference_type
scores
0
value 0.00764
scoring_system epss
scoring_elements 0.73466
published_at 2026-04-21T12:55:00Z
1
value 0.00764
scoring_system epss
scoring_elements 0.7337
published_at 2026-04-01T12:55:00Z
2
value 0.00764
scoring_system epss
scoring_elements 0.73428
published_at 2026-04-12T12:55:00Z
3
value 0.00764
scoring_system epss
scoring_elements 0.7342
published_at 2026-04-13T12:55:00Z
4
value 0.00764
scoring_system epss
scoring_elements 0.73463
published_at 2026-04-16T12:55:00Z
5
value 0.00764
scoring_system epss
scoring_elements 0.73471
published_at 2026-04-18T12:55:00Z
6
value 0.00764
scoring_system epss
scoring_elements 0.73378
published_at 2026-04-02T12:55:00Z
7
value 0.00764
scoring_system epss
scoring_elements 0.73402
published_at 2026-04-04T12:55:00Z
8
value 0.00764
scoring_system epss
scoring_elements 0.73374
published_at 2026-04-07T12:55:00Z
9
value 0.00764
scoring_system epss
scoring_elements 0.73411
published_at 2026-04-08T12:55:00Z
10
value 0.00764
scoring_system epss
scoring_elements 0.73425
published_at 2026-04-09T12:55:00Z
11
value 0.00764
scoring_system epss
scoring_elements 0.73448
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5384
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1255474
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1255474
2
reference_url https://www.contextis.com//resources/blog/leaking-https-urls-20-year-old-vulnerability/
reference_id
reference_type
scores
url https://www.contextis.com//resources/blog/leaking-https-urls-20-year-old-vulnerability/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
4
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
5
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
6
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
7
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5384
reference_id CVE-2017-5384
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5384
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
11
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5384
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dv2d-9a59-xkaq
8
url VCID-e2ww-ngam-cugq
vulnerability_id VCID-e2ww-ngam-cugq
summary The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5381
reference_id
reference_type
scores
0
value 0.01264
scoring_system epss
scoring_elements 0.79474
published_at 2026-04-21T12:55:00Z
1
value 0.01264
scoring_system epss
scoring_elements 0.79392
published_at 2026-04-01T12:55:00Z
2
value 0.01264
scoring_system epss
scoring_elements 0.79452
published_at 2026-04-12T12:55:00Z
3
value 0.01264
scoring_system epss
scoring_elements 0.79441
published_at 2026-04-13T12:55:00Z
4
value 0.01264
scoring_system epss
scoring_elements 0.79471
published_at 2026-04-16T12:55:00Z
5
value 0.01264
scoring_system epss
scoring_elements 0.7947
published_at 2026-04-18T12:55:00Z
6
value 0.01264
scoring_system epss
scoring_elements 0.79399
published_at 2026-04-02T12:55:00Z
7
value 0.01264
scoring_system epss
scoring_elements 0.79421
published_at 2026-04-04T12:55:00Z
8
value 0.01264
scoring_system epss
scoring_elements 0.79408
published_at 2026-04-07T12:55:00Z
9
value 0.01264
scoring_system epss
scoring_elements 0.79436
published_at 2026-04-08T12:55:00Z
10
value 0.01264
scoring_system epss
scoring_elements 0.79445
published_at 2026-04-09T12:55:00Z
11
value 0.01264
scoring_system epss
scoring_elements 0.79468
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5381
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1017616
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1017616
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
6
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5381
reference_id CVE-2017-5381
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5381
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
10
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5381
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e2ww-ngam-cugq
9
url VCID-gcen-3yba-a3ht
vulnerability_id VCID-gcen-3yba-a3ht
summary 
Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0190.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0190.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0238.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0238.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5375.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5375.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5375
reference_id
reference_type
scores
0
value 0.60738
scoring_system epss
scoring_elements 0.98301
published_at 2026-04-18T12:55:00Z
1
value 0.60738
scoring_system epss
scoring_elements 0.983
published_at 2026-04-21T12:55:00Z
2
value 0.60738
scoring_system epss
scoring_elements 0.98279
published_at 2026-04-01T12:55:00Z
3
value 0.60738
scoring_system epss
scoring_elements 0.98294
published_at 2026-04-13T12:55:00Z
4
value 0.60738
scoring_system epss
scoring_elements 0.9829
published_at 2026-04-09T12:55:00Z
5
value 0.60738
scoring_system epss
scoring_elements 0.98289
published_at 2026-04-08T12:55:00Z
6
value 0.60738
scoring_system epss
scoring_elements 0.98285
published_at 2026-04-07T12:55:00Z
7
value 0.60738
scoring_system epss
scoring_elements 0.98281
published_at 2026-04-02T12:55:00Z
8
value 0.60738
scoring_system epss
scoring_elements 0.98284
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5375
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1325200
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1325200
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
23
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
24
reference_url https://www.debian.org/security/2017/dsa-3771
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3771
25
reference_url https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3832
26
reference_url https://www.exploit-db.com/exploits/42327/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/42327/
27
reference_url https://www.exploit-db.com/exploits/44293/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/44293/
28
reference_url https://www.exploit-db.com/exploits/44294/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/44294/
29
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
30
reference_url https://www.mozilla.org/security/advisories/mfsa2017-02/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-02/
31
reference_url https://www.mozilla.org/security/advisories/mfsa2017-03/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-03/
32
reference_url http://www.securityfocus.com/bid/95757
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95757
33
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
34
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1416271
reference_id 1416271
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1416271
35
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
36
reference_url https://security.archlinux.org/ASA-201701-40
reference_id ASA-201701-40
reference_type
scores
url https://security.archlinux.org/ASA-201701-40
37
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
38
reference_url https://security.archlinux.org/AVG-158
reference_id AVG-158
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-158
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5375
reference_id CVE-2017-5375
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5375
52
reference_url https://security.gentoo.org/glsa/201702-13
reference_id GLSA-201702-13
reference_type
scores
url https://security.gentoo.org/glsa/201702-13
53
reference_url https://security.gentoo.org/glsa/201702-22
reference_id GLSA-201702-22
reference_type
scores
url https://security.gentoo.org/glsa/201702-22
54
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
55
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
reference_id mfsa2017-02
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
56
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
reference_id mfsa2017-03
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
57
reference_url https://access.redhat.com/errata/RHSA-2017:0190
reference_id RHSA-2017:0190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0190
58
reference_url https://access.redhat.com/errata/RHSA-2017:0238
reference_id RHSA-2017:0238
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0238
59
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
60
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5375
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gcen-3yba-a3ht
10
url VCID-hhtb-ha1v-tffj
vulnerability_id VCID-hhtb-ha1v-tffj
summary A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5377
reference_id
reference_type
scores
0
value 0.01847
scoring_system epss
scoring_elements 0.83024
published_at 2026-04-21T12:55:00Z
1
value 0.01847
scoring_system epss
scoring_elements 0.82917
published_at 2026-04-01T12:55:00Z
2
value 0.01847
scoring_system epss
scoring_elements 0.82991
published_at 2026-04-11T12:55:00Z
3
value 0.01847
scoring_system epss
scoring_elements 0.82985
published_at 2026-04-12T12:55:00Z
4
value 0.01847
scoring_system epss
scoring_elements 0.82981
published_at 2026-04-13T12:55:00Z
5
value 0.01847
scoring_system epss
scoring_elements 0.8302
published_at 2026-04-18T12:55:00Z
6
value 0.01847
scoring_system epss
scoring_elements 0.82934
published_at 2026-04-02T12:55:00Z
7
value 0.01847
scoring_system epss
scoring_elements 0.82946
published_at 2026-04-04T12:55:00Z
8
value 0.01847
scoring_system epss
scoring_elements 0.82943
published_at 2026-04-07T12:55:00Z
9
value 0.01847
scoring_system epss
scoring_elements 0.82968
published_at 2026-04-08T12:55:00Z
10
value 0.01847
scoring_system epss
scoring_elements 0.82975
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5377
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1306883
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1306883
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95761
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95761
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
6
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5377
reference_id CVE-2017-5377
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5377
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
10
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5377
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hhtb-ha1v-tffj
11
url VCID-htpg-t39z-nbex
vulnerability_id VCID-htpg-t39z-nbex
summary Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5379
reference_id
reference_type
scores
0
value 0.01753
scoring_system epss
scoring_elements 0.82612
published_at 2026-04-21T12:55:00Z
1
value 0.01753
scoring_system epss
scoring_elements 0.82505
published_at 2026-04-01T12:55:00Z
2
value 0.01753
scoring_system epss
scoring_elements 0.82577
published_at 2026-04-12T12:55:00Z
3
value 0.01753
scoring_system epss
scoring_elements 0.82571
published_at 2026-04-13T12:55:00Z
4
value 0.01753
scoring_system epss
scoring_elements 0.82607
published_at 2026-04-16T12:55:00Z
5
value 0.01753
scoring_system epss
scoring_elements 0.82608
published_at 2026-04-18T12:55:00Z
6
value 0.01753
scoring_system epss
scoring_elements 0.82519
published_at 2026-04-02T12:55:00Z
7
value 0.01753
scoring_system epss
scoring_elements 0.82534
published_at 2026-04-04T12:55:00Z
8
value 0.01753
scoring_system epss
scoring_elements 0.82531
published_at 2026-04-07T12:55:00Z
9
value 0.01753
scoring_system epss
scoring_elements 0.82557
published_at 2026-04-08T12:55:00Z
10
value 0.01753
scoring_system epss
scoring_elements 0.82565
published_at 2026-04-09T12:55:00Z
11
value 0.01753
scoring_system epss
scoring_elements 0.82583
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5379
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1309198
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1309198
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
6
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5379
reference_id CVE-2017-5379
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5379
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
10
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5379
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-htpg-t39z-nbex
12
url VCID-hyhc-qud7-6uax
vulnerability_id VCID-hyhc-qud7-6uax
summary 
Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0190.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0190.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0238.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0238.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5396.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5396.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5396
reference_id
reference_type
scores
0
value 0.01838
scoring_system epss
scoring_elements 0.82982
published_at 2026-04-16T12:55:00Z
1
value 0.01838
scoring_system epss
scoring_elements 0.82943
published_at 2026-04-13T12:55:00Z
2
value 0.01838
scoring_system epss
scoring_elements 0.82878
published_at 2026-04-01T12:55:00Z
3
value 0.01838
scoring_system epss
scoring_elements 0.82947
published_at 2026-04-12T12:55:00Z
4
value 0.01838
scoring_system epss
scoring_elements 0.82952
published_at 2026-04-11T12:55:00Z
5
value 0.01838
scoring_system epss
scoring_elements 0.82936
published_at 2026-04-09T12:55:00Z
6
value 0.01838
scoring_system epss
scoring_elements 0.82929
published_at 2026-04-08T12:55:00Z
7
value 0.01838
scoring_system epss
scoring_elements 0.82904
published_at 2026-04-07T12:55:00Z
8
value 0.01838
scoring_system epss
scoring_elements 0.82907
published_at 2026-04-04T12:55:00Z
9
value 0.01838
scoring_system epss
scoring_elements 0.82895
published_at 2026-04-02T12:55:00Z
10
value 0.03206
scoring_system epss
scoring_elements 0.87032
published_at 2026-04-21T12:55:00Z
11
value 0.03206
scoring_system epss
scoring_elements 0.87035
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5396
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1329403
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1329403
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
23
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
24
reference_url https://www.debian.org/security/2017/dsa-3771
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3771
25
reference_url https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3832
26
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
27
reference_url https://www.mozilla.org/security/advisories/mfsa2017-02/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-02/
28
reference_url https://www.mozilla.org/security/advisories/mfsa2017-03/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-03/
29
reference_url http://www.securityfocus.com/bid/95769
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95769
30
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1416280
reference_id 1416280
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1416280
32
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
33
reference_url https://security.archlinux.org/ASA-201701-40
reference_id ASA-201701-40
reference_type
scores
url https://security.archlinux.org/ASA-201701-40
34
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
35
reference_url https://security.archlinux.org/AVG-158
reference_id AVG-158
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-158
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5396
reference_id CVE-2017-5396
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5396
57
reference_url https://security.gentoo.org/glsa/201702-13
reference_id GLSA-201702-13
reference_type
scores
url https://security.gentoo.org/glsa/201702-13
58
reference_url https://security.gentoo.org/glsa/201702-22
reference_id GLSA-201702-22
reference_type
scores
url https://security.gentoo.org/glsa/201702-22
59
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
60
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
reference_id mfsa2017-02
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
61
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
reference_id mfsa2017-03
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
62
reference_url https://access.redhat.com/errata/RHSA-2017:0190
reference_id RHSA-2017:0190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0190
63
reference_url https://access.redhat.com/errata/RHSA-2017:0238
reference_id RHSA-2017:0238
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0238
64
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
65
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5396
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hyhc-qud7-6uax
13
url VCID-m59v-ygc2-qucg
vulnerability_id VCID-m59v-ygc2-qucg
summary 
Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0190.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0190.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0238.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0238.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5378.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5378.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5378
reference_id
reference_type
scores
0
value 0.01705
scoring_system epss
scoring_elements 0.82347
published_at 2026-04-21T12:55:00Z
1
value 0.01705
scoring_system epss
scoring_elements 0.82273
published_at 2026-04-04T12:55:00Z
2
value 0.01705
scoring_system epss
scoring_elements 0.82268
published_at 2026-04-07T12:55:00Z
3
value 0.01705
scoring_system epss
scoring_elements 0.82295
published_at 2026-04-08T12:55:00Z
4
value 0.01705
scoring_system epss
scoring_elements 0.82302
published_at 2026-04-09T12:55:00Z
5
value 0.01705
scoring_system epss
scoring_elements 0.82322
published_at 2026-04-11T12:55:00Z
6
value 0.01705
scoring_system epss
scoring_elements 0.82315
published_at 2026-04-12T12:55:00Z
7
value 0.01705
scoring_system epss
scoring_elements 0.8231
published_at 2026-04-13T12:55:00Z
8
value 0.01705
scoring_system epss
scoring_elements 0.82344
published_at 2026-04-18T12:55:00Z
9
value 0.01705
scoring_system epss
scoring_elements 0.82241
published_at 2026-04-01T12:55:00Z
10
value 0.01705
scoring_system epss
scoring_elements 0.82254
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5378
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1312001
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1312001
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1330769
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1330769
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
24
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
25
reference_url https://www.debian.org/security/2017/dsa-3771
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3771
26
reference_url https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3832
27
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
28
reference_url https://www.mozilla.org/security/advisories/mfsa2017-02/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-02/
29
reference_url https://www.mozilla.org/security/advisories/mfsa2017-03/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-03/
30
reference_url http://www.securityfocus.com/bid/95769
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95769
31
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1416273
reference_id 1416273
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1416273
33
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
34
reference_url https://security.archlinux.org/ASA-201701-40
reference_id ASA-201701-40
reference_type
scores
url https://security.archlinux.org/ASA-201701-40
35
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
36
reference_url https://security.archlinux.org/AVG-158
reference_id AVG-158
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-158
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5378
reference_id CVE-2017-5378
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5378
58
reference_url https://security.gentoo.org/glsa/201702-13
reference_id GLSA-201702-13
reference_type
scores
url https://security.gentoo.org/glsa/201702-13
59
reference_url https://security.gentoo.org/glsa/201702-22
reference_id GLSA-201702-22
reference_type
scores
url https://security.gentoo.org/glsa/201702-22
60
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
61
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
reference_id mfsa2017-02
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
62
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
reference_id mfsa2017-03
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
63
reference_url https://access.redhat.com/errata/RHSA-2017:0190
reference_id RHSA-2017:0190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0190
64
reference_url https://access.redhat.com/errata/RHSA-2017:0238
reference_id RHSA-2017:0238
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0238
65
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
66
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5378
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m59v-ygc2-qucg
14
url VCID-qjs9-h3tt-qucf
vulnerability_id VCID-qjs9-h3tt-qucf
summary Special about: pages used by web content, such as RSS feeds, can load privileged about: pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potential privilege escalation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5391
reference_id
reference_type
scores
0
value 0.02446
scoring_system epss
scoring_elements 0.85213
published_at 2026-04-18T12:55:00Z
1
value 0.02446
scoring_system epss
scoring_elements 0.85119
published_at 2026-04-01T12:55:00Z
2
value 0.02446
scoring_system epss
scoring_elements 0.85196
published_at 2026-04-11T12:55:00Z
3
value 0.02446
scoring_system epss
scoring_elements 0.85194
published_at 2026-04-12T12:55:00Z
4
value 0.02446
scoring_system epss
scoring_elements 0.85191
published_at 2026-04-13T12:55:00Z
5
value 0.02446
scoring_system epss
scoring_elements 0.85212
published_at 2026-04-21T12:55:00Z
6
value 0.02446
scoring_system epss
scoring_elements 0.85132
published_at 2026-04-02T12:55:00Z
7
value 0.02446
scoring_system epss
scoring_elements 0.85149
published_at 2026-04-04T12:55:00Z
8
value 0.02446
scoring_system epss
scoring_elements 0.85152
published_at 2026-04-07T12:55:00Z
9
value 0.02446
scoring_system epss
scoring_elements 0.85174
published_at 2026-04-08T12:55:00Z
10
value 0.02446
scoring_system epss
scoring_elements 0.85182
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5391
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1309310
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1309310
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
6
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5391
reference_id CVE-2017-5391
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5391
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
10
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5391
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qjs9-h3tt-qucf
15
url VCID-r34s-64j2-dfff
vulnerability_id VCID-r34s-64j2-dfff
summary Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5382
reference_id
reference_type
scores
0
value 0.00957
scoring_system epss
scoring_elements 0.76477
published_at 2026-04-21T12:55:00Z
1
value 0.00957
scoring_system epss
scoring_elements 0.76388
published_at 2026-04-01T12:55:00Z
2
value 0.00957
scoring_system epss
scoring_elements 0.76451
published_at 2026-04-12T12:55:00Z
3
value 0.00957
scoring_system epss
scoring_elements 0.76446
published_at 2026-04-13T12:55:00Z
4
value 0.00957
scoring_system epss
scoring_elements 0.76486
published_at 2026-04-16T12:55:00Z
5
value 0.00957
scoring_system epss
scoring_elements 0.7649
published_at 2026-04-18T12:55:00Z
6
value 0.00957
scoring_system epss
scoring_elements 0.76392
published_at 2026-04-02T12:55:00Z
7
value 0.00957
scoring_system epss
scoring_elements 0.7642
published_at 2026-04-04T12:55:00Z
8
value 0.00957
scoring_system epss
scoring_elements 0.76402
published_at 2026-04-07T12:55:00Z
9
value 0.00957
scoring_system epss
scoring_elements 0.76434
published_at 2026-04-08T12:55:00Z
10
value 0.00957
scoring_system epss
scoring_elements 0.76448
published_at 2026-04-09T12:55:00Z
11
value 0.00957
scoring_system epss
scoring_elements 0.76473
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5382
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1295322
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1295322
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
6
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5382
reference_id CVE-2017-5382
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5382
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
10
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5382
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r34s-64j2-dfff
16
url VCID-r7te-y4n3-1uhj
vulnerability_id VCID-r7te-y4n3-1uhj
summary Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5385
reference_id
reference_type
scores
0
value 0.00947
scoring_system epss
scoring_elements 0.76358
published_at 2026-04-21T12:55:00Z
1
value 0.00947
scoring_system epss
scoring_elements 0.76269
published_at 2026-04-01T12:55:00Z
2
value 0.00947
scoring_system epss
scoring_elements 0.76334
published_at 2026-04-12T12:55:00Z
3
value 0.00947
scoring_system epss
scoring_elements 0.7633
published_at 2026-04-13T12:55:00Z
4
value 0.00947
scoring_system epss
scoring_elements 0.7637
published_at 2026-04-16T12:55:00Z
5
value 0.00947
scoring_system epss
scoring_elements 0.76375
published_at 2026-04-18T12:55:00Z
6
value 0.00947
scoring_system epss
scoring_elements 0.76273
published_at 2026-04-02T12:55:00Z
7
value 0.00947
scoring_system epss
scoring_elements 0.76303
published_at 2026-04-04T12:55:00Z
8
value 0.00947
scoring_system epss
scoring_elements 0.76283
published_at 2026-04-07T12:55:00Z
9
value 0.00947
scoring_system epss
scoring_elements 0.76316
published_at 2026-04-08T12:55:00Z
10
value 0.00947
scoring_system epss
scoring_elements 0.76329
published_at 2026-04-09T12:55:00Z
11
value 0.00947
scoring_system epss
scoring_elements 0.76356
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5385
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1295945
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1295945
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
6
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5385
reference_id CVE-2017-5385
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5385
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
10
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5385
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r7te-y4n3-1uhj
17
url VCID-tjjd-y1pq-ckf4
vulnerability_id VCID-tjjd-y1pq-ckf4
summary 
Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0190.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0190.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0238.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0238.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5390.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5390.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5390
reference_id
reference_type
scores
0
value 0.01748
scoring_system epss
scoring_elements 0.82585
published_at 2026-04-21T12:55:00Z
1
value 0.01748
scoring_system epss
scoring_elements 0.82505
published_at 2026-04-04T12:55:00Z
2
value 0.01748
scoring_system epss
scoring_elements 0.82501
published_at 2026-04-07T12:55:00Z
3
value 0.01748
scoring_system epss
scoring_elements 0.82528
published_at 2026-04-08T12:55:00Z
4
value 0.01748
scoring_system epss
scoring_elements 0.82536
published_at 2026-04-09T12:55:00Z
5
value 0.01748
scoring_system epss
scoring_elements 0.82554
published_at 2026-04-11T12:55:00Z
6
value 0.01748
scoring_system epss
scoring_elements 0.82549
published_at 2026-04-12T12:55:00Z
7
value 0.01748
scoring_system epss
scoring_elements 0.82545
published_at 2026-04-13T12:55:00Z
8
value 0.01748
scoring_system epss
scoring_elements 0.82581
published_at 2026-04-18T12:55:00Z
9
value 0.01748
scoring_system epss
scoring_elements 0.82473
published_at 2026-04-01T12:55:00Z
10
value 0.01748
scoring_system epss
scoring_elements 0.82487
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5390
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1297361
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1297361
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
23
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
24
reference_url https://www.debian.org/security/2017/dsa-3771
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3771
25
reference_url https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3832
26
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
27
reference_url https://www.mozilla.org/security/advisories/mfsa2017-02/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-02/
28
reference_url https://www.mozilla.org/security/advisories/mfsa2017-03/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-03/
29
reference_url http://www.securityfocus.com/bid/95769
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95769
30
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1416279
reference_id 1416279
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1416279
32
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
33
reference_url https://security.archlinux.org/ASA-201701-40
reference_id ASA-201701-40
reference_type
scores
url https://security.archlinux.org/ASA-201701-40
34
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
35
reference_url https://security.archlinux.org/AVG-158
reference_id AVG-158
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-158
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5390
reference_id CVE-2017-5390
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5390
57
reference_url https://security.gentoo.org/glsa/201702-13
reference_id GLSA-201702-13
reference_type
scores
url https://security.gentoo.org/glsa/201702-13
58
reference_url https://security.gentoo.org/glsa/201702-22
reference_id GLSA-201702-22
reference_type
scores
url https://security.gentoo.org/glsa/201702-22
59
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
60
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
reference_id mfsa2017-02
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
61
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
reference_id mfsa2017-03
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
62
reference_url https://access.redhat.com/errata/RHSA-2017:0190
reference_id RHSA-2017:0190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0190
63
reference_url https://access.redhat.com/errata/RHSA-2017:0238
reference_id RHSA-2017:0238
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0238
64
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
65
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5390
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tjjd-y1pq-ckf4
18
url VCID-u1nc-fgsw-mkhc
vulnerability_id VCID-u1nc-fgsw-mkhc
summary Mozilla developers and community members Gary Kwong, Olli Pettay, Tooru Fujisawa, Carsten Book, Andrew McCreight, Chris Pearce, Ronald Crane, Jan de Mooij, Julian Seward, Nicolas Pierron, Randell Jesup, Esther Monchari, Honza Bambas, and Philipp reported memory safety bugs present in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5374
reference_id
reference_type
scores
0
value 0.01847
scoring_system epss
scoring_elements 0.83024
published_at 2026-04-21T12:55:00Z
1
value 0.01847
scoring_system epss
scoring_elements 0.82917
published_at 2026-04-01T12:55:00Z
2
value 0.01847
scoring_system epss
scoring_elements 0.82991
published_at 2026-04-11T12:55:00Z
3
value 0.01847
scoring_system epss
scoring_elements 0.82985
published_at 2026-04-12T12:55:00Z
4
value 0.01847
scoring_system epss
scoring_elements 0.82981
published_at 2026-04-13T12:55:00Z
5
value 0.01847
scoring_system epss
scoring_elements 0.8302
published_at 2026-04-18T12:55:00Z
6
value 0.01847
scoring_system epss
scoring_elements 0.82934
published_at 2026-04-02T12:55:00Z
7
value 0.01847
scoring_system epss
scoring_elements 0.82946
published_at 2026-04-04T12:55:00Z
8
value 0.01847
scoring_system epss
scoring_elements 0.82943
published_at 2026-04-07T12:55:00Z
9
value 0.01847
scoring_system epss
scoring_elements 0.82968
published_at 2026-04-08T12:55:00Z
10
value 0.01847
scoring_system epss
scoring_elements 0.82975
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5374
1
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1325344%2C1317501%2C1311319%2C1329989%2C1300145%2C1322305%2C1288561%2C1295747%2C1318766%2C1297808%2C1321374%2C1324810%2C1313385%2C1319888%2C1302231%2C1307458%2C1293327%2C1315447%2C1319456
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1325344%2C1317501%2C1311319%2C1329989%2C1300145%2C1322305%2C1288561%2C1295747%2C1318766%2C1297808%2C1321374%2C1324810%2C1313385%2C1319888%2C1302231%2C1307458%2C1293327%2C1315447%2C1319456
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95759
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95759
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
6
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5374
reference_id CVE-2017-5374
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5374
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
10
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5374
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u1nc-fgsw-mkhc
19
url VCID-vnuz-wp96-pqgt
vulnerability_id VCID-vnuz-wp96-pqgt
summary WebExtensions could use the mozAddonManager API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. This allows a malicious extension to then install additional extensions without explicit user permission.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5389
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.59095
published_at 2026-04-21T12:55:00Z
1
value 0.00374
scoring_system epss
scoring_elements 0.58975
published_at 2026-04-01T12:55:00Z
2
value 0.00374
scoring_system epss
scoring_elements 0.59112
published_at 2026-04-11T12:55:00Z
3
value 0.00374
scoring_system epss
scoring_elements 0.59075
published_at 2026-04-13T12:55:00Z
4
value 0.00374
scoring_system epss
scoring_elements 0.59111
published_at 2026-04-16T12:55:00Z
5
value 0.00374
scoring_system epss
scoring_elements 0.59116
published_at 2026-04-18T12:55:00Z
6
value 0.00374
scoring_system epss
scoring_elements 0.5905
published_at 2026-04-02T12:55:00Z
7
value 0.00374
scoring_system epss
scoring_elements 0.59072
published_at 2026-04-04T12:55:00Z
8
value 0.00374
scoring_system epss
scoring_elements 0.59037
published_at 2026-04-07T12:55:00Z
9
value 0.00374
scoring_system epss
scoring_elements 0.59088
published_at 2026-04-08T12:55:00Z
10
value 0.00374
scoring_system epss
scoring_elements 0.59094
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5389
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1308688
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1308688
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
6
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5389
reference_id CVE-2017-5389
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5389
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
10
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5389
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vnuz-wp96-pqgt
20
url VCID-vtwg-jhr9-nydc
vulnerability_id VCID-vtwg-jhr9-nydc
summary 
Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0190.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0190.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5386.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5386.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5386
reference_id
reference_type
scores
0
value 0.01186
scoring_system epss
scoring_elements 0.78814
published_at 2026-04-21T12:55:00Z
1
value 0.01186
scoring_system epss
scoring_elements 0.78787
published_at 2026-04-08T12:55:00Z
2
value 0.01186
scoring_system epss
scoring_elements 0.78795
published_at 2026-04-09T12:55:00Z
3
value 0.01186
scoring_system epss
scoring_elements 0.78818
published_at 2026-04-18T12:55:00Z
4
value 0.01186
scoring_system epss
scoring_elements 0.78801
published_at 2026-04-12T12:55:00Z
5
value 0.01186
scoring_system epss
scoring_elements 0.78792
published_at 2026-04-13T12:55:00Z
6
value 0.01186
scoring_system epss
scoring_elements 0.7882
published_at 2026-04-16T12:55:00Z
7
value 0.01186
scoring_system epss
scoring_elements 0.78741
published_at 2026-04-01T12:55:00Z
8
value 0.01186
scoring_system epss
scoring_elements 0.78748
published_at 2026-04-02T12:55:00Z
9
value 0.01186
scoring_system epss
scoring_elements 0.7878
published_at 2026-04-04T12:55:00Z
10
value 0.01186
scoring_system epss
scoring_elements 0.78762
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5386
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1319070
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1319070
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
13
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
14
reference_url https://www.debian.org/security/2017/dsa-3771
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3771
15
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
16
reference_url https://www.mozilla.org/security/advisories/mfsa2017-02/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-02/
17
reference_url http://www.securityfocus.com/bid/95769
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95769
18
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1416282
reference_id 1416282
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1416282
20
reference_url https://security.archlinux.org/ASA-201701-39
reference_id ASA-201701-39
reference_type
scores
url https://security.archlinux.org/ASA-201701-39
21
reference_url https://security.archlinux.org/AVG-157
reference_id AVG-157
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-157
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5386
reference_id CVE-2017-5386
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://nvd.nist.gov/vuln/detail/CVE-2017-5386
42
reference_url https://security.gentoo.org/glsa/201702-22
reference_id GLSA-201702-22
reference_type
scores
url https://security.gentoo.org/glsa/201702-22
43
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
44
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
reference_id mfsa2017-02
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
45
reference_url https://access.redhat.com/errata/RHSA-2017:0190
reference_id RHSA-2017:0190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0190
46
reference_url https://usn.ubuntu.com/3175-1/
reference_id USN-3175-1
reference_type
scores
url https://usn.ubuntu.com/3175-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@51.0.1-1
purl pkg:alpm/archlinux/firefox@51.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22xt-tnu1-gyhu
1
vulnerability VCID-3dy5-4e6w-3kgt
2
vulnerability VCID-3ehk-593t-abcp
3
vulnerability VCID-3nup-1513-ybaq
4
vulnerability VCID-3tww-nhmh-gua6
5
vulnerability VCID-667g-8khd-kkhm
6
vulnerability VCID-6b9m-3w58-qydd
7
vulnerability VCID-6m1t-sn26-fbaf
8
vulnerability VCID-6wce-w5a8-2qet
9
vulnerability VCID-6wy1-juan-8ua8
10
vulnerability VCID-dxr7-qubc-tyb7
11
vulnerability VCID-ecmf-7x8a-jugv
12
vulnerability VCID-erx8-1tfq-kyce
13
vulnerability VCID-gshc-3brh-c3dr
14
vulnerability VCID-jwze-7mfw-r3ax
15
vulnerability VCID-npyt-d8qr-wqdj
16
vulnerability VCID-qdc5-1z7p-zqar
17
vulnerability VCID-r8en-yg26-w3a1
18
vulnerability VCID-re3h-pcpx-puhe
19
vulnerability VCID-rff5-96dg-qqgp
20
vulnerability VCID-ssxw-2rbk-cyfe
21
vulnerability VCID-t4bj-qz9s-s7eb
22
vulnerability VCID-w67x-2qg8-v7gv
23
vulnerability VCID-w7g1-ub97-gqdd
24
vulnerability VCID-zpz5-xyxk-4fby
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1
aliases CVE-2017-5386
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vtwg-jhr9-nydc
Fixing_vulnerabilities
0
url VCID-1tcx-3zn1-ykdq
vulnerability_id VCID-1tcx-3zn1-ykdq
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9904.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9904.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9904
reference_id
reference_type
scores
0
value 0.01192
scoring_system epss
scoring_elements 0.78868
published_at 2026-04-21T12:55:00Z
1
value 0.01192
scoring_system epss
scoring_elements 0.78841
published_at 2026-04-08T12:55:00Z
2
value 0.01192
scoring_system epss
scoring_elements 0.78848
published_at 2026-04-09T12:55:00Z
3
value 0.01192
scoring_system epss
scoring_elements 0.78871
published_at 2026-04-11T12:55:00Z
4
value 0.01192
scoring_system epss
scoring_elements 0.78854
published_at 2026-04-12T12:55:00Z
5
value 0.01192
scoring_system epss
scoring_elements 0.78845
published_at 2026-04-13T12:55:00Z
6
value 0.01192
scoring_system epss
scoring_elements 0.78873
published_at 2026-04-16T12:55:00Z
7
value 0.01192
scoring_system epss
scoring_elements 0.7887
published_at 2026-04-18T12:55:00Z
8
value 0.01192
scoring_system epss
scoring_elements 0.78797
published_at 2026-04-01T12:55:00Z
9
value 0.01192
scoring_system epss
scoring_elements 0.78804
published_at 2026-04-02T12:55:00Z
10
value 0.01192
scoring_system epss
scoring_elements 0.78833
published_at 2026-04-04T12:55:00Z
11
value 0.01192
scoring_system epss
scoring_elements 0.78816
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9904
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1317936
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1317936
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
14
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
15
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
16
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
19
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
20
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404091
reference_id 1404091
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404091
22
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
23
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9904
reference_id CVE-2016-9904
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9904
37
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
38
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
39
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
40
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
41
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
42
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
43
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9904
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1tcx-3zn1-ykdq
1
url VCID-2ptm-gx1p-uyhf
vulnerability_id VCID-2ptm-gx1p-uyhf
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9897.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9897.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9897
reference_id
reference_type
scores
0
value 0.0395
scoring_system epss
scoring_elements 0.88364
published_at 2026-04-21T12:55:00Z
1
value 0.0395
scoring_system epss
scoring_elements 0.88325
published_at 2026-04-07T12:55:00Z
2
value 0.0395
scoring_system epss
scoring_elements 0.88344
published_at 2026-04-08T12:55:00Z
3
value 0.0395
scoring_system epss
scoring_elements 0.88351
published_at 2026-04-09T12:55:00Z
4
value 0.0395
scoring_system epss
scoring_elements 0.88361
published_at 2026-04-11T12:55:00Z
5
value 0.0395
scoring_system epss
scoring_elements 0.88353
published_at 2026-04-13T12:55:00Z
6
value 0.0395
scoring_system epss
scoring_elements 0.88368
published_at 2026-04-16T12:55:00Z
7
value 0.0395
scoring_system epss
scoring_elements 0.88365
published_at 2026-04-18T12:55:00Z
8
value 0.0395
scoring_system epss
scoring_elements 0.88298
published_at 2026-04-01T12:55:00Z
9
value 0.0395
scoring_system epss
scoring_elements 0.88306
published_at 2026-04-02T12:55:00Z
10
value 0.0395
scoring_system epss
scoring_elements 0.8832
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9897
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1301381
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1301381
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
14
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
15
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
16
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
19
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
20
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404087
reference_id 1404087
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404087
22
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
23
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9897
reference_id CVE-2016-9897
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9897
35
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
36
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
37
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
38
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
39
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
40
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
41
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9897
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ptm-gx1p-uyhf
2
url VCID-2xe3-59tz-zbc3
vulnerability_id VCID-2xe3-59tz-zbc3
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9901.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9901.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9901
reference_id
reference_type
scores
0
value 0.0203
scoring_system epss
scoring_elements 0.83832
published_at 2026-04-21T12:55:00Z
1
value 0.0203
scoring_system epss
scoring_elements 0.83786
published_at 2026-04-08T12:55:00Z
2
value 0.0203
scoring_system epss
scoring_elements 0.83792
published_at 2026-04-09T12:55:00Z
3
value 0.0203
scoring_system epss
scoring_elements 0.83808
published_at 2026-04-11T12:55:00Z
4
value 0.0203
scoring_system epss
scoring_elements 0.83801
published_at 2026-04-12T12:55:00Z
5
value 0.0203
scoring_system epss
scoring_elements 0.83797
published_at 2026-04-13T12:55:00Z
6
value 0.0203
scoring_system epss
scoring_elements 0.83831
published_at 2026-04-18T12:55:00Z
7
value 0.0203
scoring_system epss
scoring_elements 0.83731
published_at 2026-04-01T12:55:00Z
8
value 0.0203
scoring_system epss
scoring_elements 0.83744
published_at 2026-04-02T12:55:00Z
9
value 0.0203
scoring_system epss
scoring_elements 0.83759
published_at 2026-04-04T12:55:00Z
10
value 0.0203
scoring_system epss
scoring_elements 0.83762
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9901
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1320057
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1320057
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
18
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
19
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404358
reference_id 1404358
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404358
21
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
22
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.3:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.4:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9901
reference_id CVE-2016-9901
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9901
39
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
40
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
41
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
42
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
43
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
44
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9901
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xe3-59tz-zbc3
3
url VCID-4d2q-usge-77ft
vulnerability_id VCID-4d2q-usge-77ft
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9898.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9898.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9898
reference_id
reference_type
scores
0
value 0.02604
scoring_system epss
scoring_elements 0.85647
published_at 2026-04-21T12:55:00Z
1
value 0.02604
scoring_system epss
scoring_elements 0.85605
published_at 2026-04-08T12:55:00Z
2
value 0.02604
scoring_system epss
scoring_elements 0.85616
published_at 2026-04-09T12:55:00Z
3
value 0.02604
scoring_system epss
scoring_elements 0.85629
published_at 2026-04-11T12:55:00Z
4
value 0.02604
scoring_system epss
scoring_elements 0.85626
published_at 2026-04-12T12:55:00Z
5
value 0.02604
scoring_system epss
scoring_elements 0.85622
published_at 2026-04-13T12:55:00Z
6
value 0.02604
scoring_system epss
scoring_elements 0.85645
published_at 2026-04-16T12:55:00Z
7
value 0.02604
scoring_system epss
scoring_elements 0.8565
published_at 2026-04-18T12:55:00Z
8
value 0.02604
scoring_system epss
scoring_elements 0.8555
published_at 2026-04-01T12:55:00Z
9
value 0.02604
scoring_system epss
scoring_elements 0.85562
published_at 2026-04-02T12:55:00Z
10
value 0.02604
scoring_system epss
scoring_elements 0.8558
published_at 2026-04-04T12:55:00Z
11
value 0.02604
scoring_system epss
scoring_elements 0.85585
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9898
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1314442
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1314442
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
14
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
15
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
16
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
19
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
20
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404089
reference_id 1404089
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404089
22
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
23
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9898
reference_id CVE-2016-9898
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9898
45
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
46
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
47
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
48
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
49
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
50
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
51
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9898
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4d2q-usge-77ft
4
url VCID-5dyh-s3yd-vqes
vulnerability_id VCID-5dyh-s3yd-vqes
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9895.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9895.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9895
reference_id
reference_type
scores
0
value 0.00709
scoring_system epss
scoring_elements 0.72246
published_at 2026-04-21T12:55:00Z
1
value 0.00709
scoring_system epss
scoring_elements 0.72201
published_at 2026-04-08T12:55:00Z
2
value 0.00709
scoring_system epss
scoring_elements 0.72213
published_at 2026-04-09T12:55:00Z
3
value 0.00709
scoring_system epss
scoring_elements 0.72236
published_at 2026-04-11T12:55:00Z
4
value 0.00709
scoring_system epss
scoring_elements 0.7222
published_at 2026-04-12T12:55:00Z
5
value 0.00709
scoring_system epss
scoring_elements 0.72206
published_at 2026-04-13T12:55:00Z
6
value 0.00709
scoring_system epss
scoring_elements 0.72249
published_at 2026-04-16T12:55:00Z
7
value 0.00709
scoring_system epss
scoring_elements 0.72259
published_at 2026-04-18T12:55:00Z
8
value 0.00709
scoring_system epss
scoring_elements 0.72161
published_at 2026-04-01T12:55:00Z
9
value 0.00709
scoring_system epss
scoring_elements 0.72166
published_at 2026-04-02T12:55:00Z
10
value 0.00709
scoring_system epss
scoring_elements 0.72186
published_at 2026-04-04T12:55:00Z
11
value 0.00709
scoring_system epss
scoring_elements 0.72164
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9895
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1312272
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1312272
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
19
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
20
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
21
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404086
reference_id 1404086
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404086
23
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
24
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9895
reference_id CVE-2016-9895
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9895
46
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
47
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
48
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
49
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
50
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
51
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
52
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
53
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9895
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5dyh-s3yd-vqes
5
url VCID-9fsb-vzuc-efc5
vulnerability_id VCID-9fsb-vzuc-efc5
summary A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers will overflow the buffer, resulting in a potentially exploitable crash.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9894
reference_id
reference_type
scores
0
value 0.01889
scoring_system epss
scoring_elements 0.83221
published_at 2026-04-21T12:55:00Z
1
value 0.01889
scoring_system epss
scoring_elements 0.83114
published_at 2026-04-01T12:55:00Z
2
value 0.01889
scoring_system epss
scoring_elements 0.83191
published_at 2026-04-11T12:55:00Z
3
value 0.01889
scoring_system epss
scoring_elements 0.83185
published_at 2026-04-12T12:55:00Z
4
value 0.01889
scoring_system epss
scoring_elements 0.83181
published_at 2026-04-13T12:55:00Z
5
value 0.01889
scoring_system epss
scoring_elements 0.83217
published_at 2026-04-16T12:55:00Z
6
value 0.01889
scoring_system epss
scoring_elements 0.83218
published_at 2026-04-18T12:55:00Z
7
value 0.01889
scoring_system epss
scoring_elements 0.83131
published_at 2026-04-02T12:55:00Z
8
value 0.01889
scoring_system epss
scoring_elements 0.83144
published_at 2026-04-04T12:55:00Z
9
value 0.01889
scoring_system epss
scoring_elements 0.83142
published_at 2026-04-07T12:55:00Z
10
value 0.01889
scoring_system epss
scoring_elements 0.83167
published_at 2026-04-08T12:55:00Z
11
value 0.01889
scoring_system epss
scoring_elements 0.83175
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9894
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1306628
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1306628
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
4
reference_url http://www.securityfocus.com/bid/94883
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94883
5
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
6
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
7
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9894
reference_id CVE-2016-9894
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9894
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
11
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9894
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9fsb-vzuc-efc5
6
url VCID-fgnu-kh7z-xuau
vulnerability_id VCID-fgnu-kh7z-xuau
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9902.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9902.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9902
reference_id
reference_type
scores
0
value 0.00411
scoring_system epss
scoring_elements 0.61412
published_at 2026-04-21T12:55:00Z
1
value 0.00411
scoring_system epss
scoring_elements 0.614
published_at 2026-04-09T12:55:00Z
2
value 0.00411
scoring_system epss
scoring_elements 0.61421
published_at 2026-04-11T12:55:00Z
3
value 0.00411
scoring_system epss
scoring_elements 0.61406
published_at 2026-04-12T12:55:00Z
4
value 0.00411
scoring_system epss
scoring_elements 0.61387
published_at 2026-04-13T12:55:00Z
5
value 0.00411
scoring_system epss
scoring_elements 0.61425
published_at 2026-04-16T12:55:00Z
6
value 0.00411
scoring_system epss
scoring_elements 0.61429
published_at 2026-04-18T12:55:00Z
7
value 0.00411
scoring_system epss
scoring_elements 0.61259
published_at 2026-04-01T12:55:00Z
8
value 0.00411
scoring_system epss
scoring_elements 0.61339
published_at 2026-04-02T12:55:00Z
9
value 0.00411
scoring_system epss
scoring_elements 0.61368
published_at 2026-04-04T12:55:00Z
10
value 0.00411
scoring_system epss
scoring_elements 0.61338
published_at 2026-04-07T12:55:00Z
11
value 0.00411
scoring_system epss
scoring_elements 0.61384
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9902
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1320039
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1320039
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
18
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
19
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404359
reference_id 1404359
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404359
21
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
22
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9902
reference_id CVE-2016-9902
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9902
39
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
40
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
41
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
42
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
43
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
44
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9902
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fgnu-kh7z-xuau
7
url VCID-gqhc-h5p7-dyh1
vulnerability_id VCID-gqhc-h5p7-dyh1
summary Mozilla's add-ons SDK had a world-accessible resource with an HTML injection vulnerability. If an additional vulnerability allowed this resource to be loaded as a document it could allow injecting content and script into an add-on's context.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9903
reference_id
reference_type
scores
0
value 0.0071
scoring_system epss
scoring_elements 0.7225
published_at 2026-04-21T12:55:00Z
1
value 0.0071
scoring_system epss
scoring_elements 0.72165
published_at 2026-04-01T12:55:00Z
2
value 0.0071
scoring_system epss
scoring_elements 0.72241
published_at 2026-04-11T12:55:00Z
3
value 0.0071
scoring_system epss
scoring_elements 0.72225
published_at 2026-04-12T12:55:00Z
4
value 0.0071
scoring_system epss
scoring_elements 0.72211
published_at 2026-04-13T12:55:00Z
5
value 0.0071
scoring_system epss
scoring_elements 0.72254
published_at 2026-04-16T12:55:00Z
6
value 0.0071
scoring_system epss
scoring_elements 0.72264
published_at 2026-04-18T12:55:00Z
7
value 0.0071
scoring_system epss
scoring_elements 0.72171
published_at 2026-04-02T12:55:00Z
8
value 0.0071
scoring_system epss
scoring_elements 0.72191
published_at 2026-04-04T12:55:00Z
9
value 0.0071
scoring_system epss
scoring_elements 0.72169
published_at 2026-04-07T12:55:00Z
10
value 0.0071
scoring_system epss
scoring_elements 0.72206
published_at 2026-04-08T12:55:00Z
11
value 0.0071
scoring_system epss
scoring_elements 0.72218
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9903
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1315435
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1315435
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 0
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:M/C:N/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
4
reference_url http://www.securityfocus.com/bid/94883
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94883
5
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
6
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
7
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9903
reference_id CVE-2016-9903
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9903
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
11
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9903
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gqhc-h5p7-dyh1
8
url VCID-m5pb-75ag-tfep
vulnerability_id VCID-m5pb-75ag-tfep
summary Use-after-free while manipulating the navigator object within WebVR. *Note: WebVR is not currently enabled by default.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9896
reference_id
reference_type
scores
0
value 0.01539
scoring_system epss
scoring_elements 0.814
published_at 2026-04-21T12:55:00Z
1
value 0.01539
scoring_system epss
scoring_elements 0.81299
published_at 2026-04-01T12:55:00Z
2
value 0.01539
scoring_system epss
scoring_elements 0.81363
published_at 2026-04-09T12:55:00Z
3
value 0.01539
scoring_system epss
scoring_elements 0.81384
published_at 2026-04-11T12:55:00Z
4
value 0.01539
scoring_system epss
scoring_elements 0.81369
published_at 2026-04-12T12:55:00Z
5
value 0.01539
scoring_system epss
scoring_elements 0.81361
published_at 2026-04-13T12:55:00Z
6
value 0.01539
scoring_system epss
scoring_elements 0.81399
published_at 2026-04-16T12:55:00Z
7
value 0.01539
scoring_system epss
scoring_elements 0.81308
published_at 2026-04-02T12:55:00Z
8
value 0.01539
scoring_system epss
scoring_elements 0.8133
published_at 2026-04-04T12:55:00Z
9
value 0.01539
scoring_system epss
scoring_elements 0.81329
published_at 2026-04-07T12:55:00Z
10
value 0.01539
scoring_system epss
scoring_elements 0.81358
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9896
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1315543
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1315543
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
4
reference_url http://www.securityfocus.com/bid/94883
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94883
5
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
6
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
7
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9896
reference_id CVE-2016-9896
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9896
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
11
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9896
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m5pb-75ag-tfep
9
url VCID-pbrt-gcqj-kycv
vulnerability_id VCID-pbrt-gcqj-kycv
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9900.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9900.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9900
reference_id
reference_type
scores
0
value 0.01011
scoring_system epss
scoring_elements 0.77142
published_at 2026-04-21T12:55:00Z
1
value 0.01011
scoring_system epss
scoring_elements 0.77097
published_at 2026-04-08T12:55:00Z
2
value 0.01011
scoring_system epss
scoring_elements 0.77107
published_at 2026-04-09T12:55:00Z
3
value 0.01011
scoring_system epss
scoring_elements 0.77135
published_at 2026-04-11T12:55:00Z
4
value 0.01011
scoring_system epss
scoring_elements 0.77114
published_at 2026-04-12T12:55:00Z
5
value 0.01011
scoring_system epss
scoring_elements 0.77109
published_at 2026-04-13T12:55:00Z
6
value 0.01011
scoring_system epss
scoring_elements 0.77149
published_at 2026-04-16T12:55:00Z
7
value 0.01011
scoring_system epss
scoring_elements 0.77151
published_at 2026-04-18T12:55:00Z
8
value 0.01011
scoring_system epss
scoring_elements 0.77049
published_at 2026-04-01T12:55:00Z
9
value 0.01011
scoring_system epss
scoring_elements 0.77055
published_at 2026-04-02T12:55:00Z
10
value 0.01011
scoring_system epss
scoring_elements 0.77083
published_at 2026-04-04T12:55:00Z
11
value 0.01011
scoring_system epss
scoring_elements 0.77065
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9900
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1319122
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1319122
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
19
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
20
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
21
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404090
reference_id 1404090
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404090
23
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
24
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9900
reference_id CVE-2016-9900
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9900
46
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
47
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
48
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
49
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
50
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
51
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
52
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
53
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9900
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pbrt-gcqj-kycv
10
url VCID-qu91-vc1p-dyb1
vulnerability_id VCID-qu91-vc1p-dyb1
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9899.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9899.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9899
reference_id
reference_type
scores
0
value 0.36421
scoring_system epss
scoring_elements 0.97134
published_at 2026-04-21T12:55:00Z
1
value 0.36421
scoring_system epss
scoring_elements 0.97102
published_at 2026-04-07T12:55:00Z
2
value 0.36421
scoring_system epss
scoring_elements 0.97112
published_at 2026-04-09T12:55:00Z
3
value 0.36421
scoring_system epss
scoring_elements 0.97116
published_at 2026-04-11T12:55:00Z
4
value 0.36421
scoring_system epss
scoring_elements 0.97117
published_at 2026-04-12T12:55:00Z
5
value 0.36421
scoring_system epss
scoring_elements 0.97118
published_at 2026-04-13T12:55:00Z
6
value 0.36421
scoring_system epss
scoring_elements 0.97126
published_at 2026-04-16T12:55:00Z
7
value 0.36421
scoring_system epss
scoring_elements 0.97129
published_at 2026-04-18T12:55:00Z
8
value 0.36421
scoring_system epss
scoring_elements 0.97089
published_at 2026-04-01T12:55:00Z
9
value 0.36421
scoring_system epss
scoring_elements 0.97096
published_at 2026-04-02T12:55:00Z
10
value 0.36421
scoring_system epss
scoring_elements 0.97101
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9899
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1317409
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1317409
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
17
reference_url https://www.exploit-db.com/exploits/41042/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/41042/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
19
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
20
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
21
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
22
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404083
reference_id 1404083
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404083
24
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
25
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
46
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41042.html
reference_id CVE-2016-9899
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41042.html
47
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9899
reference_id CVE-2016-9899
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9899
48
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
49
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
50
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
51
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
52
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
53
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
54
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
55
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9899
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qu91-vc1p-dyb1
11
url VCID-wffz-7y83-qkbm
vulnerability_id VCID-wffz-7y83-qkbm
summary Mozilla developers and community members Kan-Ru Chen, Christian Holler, and Tyson Smith reported memory safety bugs present in Firefox 50.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9080
reference_id
reference_type
scores
0
value 0.01847
scoring_system epss
scoring_elements 0.83024
published_at 2026-04-21T12:55:00Z
1
value 0.01847
scoring_system epss
scoring_elements 0.82917
published_at 2026-04-01T12:55:00Z
2
value 0.01847
scoring_system epss
scoring_elements 0.82975
published_at 2026-04-09T12:55:00Z
3
value 0.01847
scoring_system epss
scoring_elements 0.82991
published_at 2026-04-11T12:55:00Z
4
value 0.01847
scoring_system epss
scoring_elements 0.82985
published_at 2026-04-12T12:55:00Z
5
value 0.01847
scoring_system epss
scoring_elements 0.82981
published_at 2026-04-13T12:55:00Z
6
value 0.01847
scoring_system epss
scoring_elements 0.8302
published_at 2026-04-18T12:55:00Z
7
value 0.01847
scoring_system epss
scoring_elements 0.82934
published_at 2026-04-02T12:55:00Z
8
value 0.01847
scoring_system epss
scoring_elements 0.82946
published_at 2026-04-04T12:55:00Z
9
value 0.01847
scoring_system epss
scoring_elements 0.82943
published_at 2026-04-07T12:55:00Z
10
value 0.01847
scoring_system epss
scoring_elements 0.82968
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9080
1
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1289701%2C1314401%2C1315848
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1289701%2C1314401%2C1315848
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
4
reference_url http://www.securityfocus.com/bid/94883
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94883
5
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
6
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
7
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9080
reference_id CVE-2016-9080
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9080
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
11
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9080
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wffz-7y83-qkbm
12
url VCID-ysg5-wc3n-fbgw
vulnerability_id VCID-ysg5-wc3n-fbgw
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9893.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9893.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9893
reference_id
reference_type
scores
0
value 0.02683
scoring_system epss
scoring_elements 0.85866
published_at 2026-04-21T12:55:00Z
1
value 0.02683
scoring_system epss
scoring_elements 0.85831
published_at 2026-04-08T12:55:00Z
2
value 0.02683
scoring_system epss
scoring_elements 0.85842
published_at 2026-04-09T12:55:00Z
3
value 0.02683
scoring_system epss
scoring_elements 0.85856
published_at 2026-04-11T12:55:00Z
4
value 0.02683
scoring_system epss
scoring_elements 0.85853
published_at 2026-04-12T12:55:00Z
5
value 0.02683
scoring_system epss
scoring_elements 0.85849
published_at 2026-04-13T12:55:00Z
6
value 0.02683
scoring_system epss
scoring_elements 0.85868
published_at 2026-04-16T12:55:00Z
7
value 0.02683
scoring_system epss
scoring_elements 0.85873
published_at 2026-04-18T12:55:00Z
8
value 0.02683
scoring_system epss
scoring_elements 0.85776
published_at 2026-04-01T12:55:00Z
9
value 0.02683
scoring_system epss
scoring_elements 0.85789
published_at 2026-04-02T12:55:00Z
10
value 0.02683
scoring_system epss
scoring_elements 0.85807
published_at 2026-04-04T12:55:00Z
11
value 0.02683
scoring_system epss
scoring_elements 0.85813
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9893
4
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1319524%2C1298773%2C1299098%2C1309834%2C1312609%2C1313212%2C1317805%2C1312548%2C1315631%2C1287912
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1319524%2C1298773%2C1299098%2C1309834%2C1312609%2C1313212%2C1317805%2C1312548%2C1315631%2C1287912
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
19
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
20
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
21
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404096
reference_id 1404096
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404096
23
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
24
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9893
reference_id CVE-2016-9893
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9893
46
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
47
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
48
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
49
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
50
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
51
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
52
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
53
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:alpm/archlinux/firefox@50.1.0-1
purl pkg:alpm/archlinux/firefox@50.1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z19-eyh7-9yf4
1
vulnerability VCID-5n3q-eby7-67de
2
vulnerability VCID-84kk-wfxx-t3c8
3
vulnerability VCID-af6b-4jqc-fugx
4
vulnerability VCID-ahzr-nr7g-5ue2
5
vulnerability VCID-bjyq-1zfk-eugq
6
vulnerability VCID-c8p3-ef58-wudt
7
vulnerability VCID-dv2d-9a59-xkaq
8
vulnerability VCID-e2ww-ngam-cugq
9
vulnerability VCID-gcen-3yba-a3ht
10
vulnerability VCID-hhtb-ha1v-tffj
11
vulnerability VCID-htpg-t39z-nbex
12
vulnerability VCID-hyhc-qud7-6uax
13
vulnerability VCID-m59v-ygc2-qucg
14
vulnerability VCID-qjs9-h3tt-qucf
15
vulnerability VCID-r34s-64j2-dfff
16
vulnerability VCID-r7te-y4n3-1uhj
17
vulnerability VCID-tjjd-y1pq-ckf4
18
vulnerability VCID-u1nc-fgsw-mkhc
19
vulnerability VCID-vnuz-wp96-pqgt
20
vulnerability VCID-vtwg-jhr9-nydc
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1
aliases CVE-2016-9893
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ysg5-wc3n-fbgw
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1